Lucene search
K

13 matches found

Rockylinux
Rockylinux
added 2026/06/01 6:3 a.m.25 views

php:8.2 security update

An update is available for php, php-pecl-rrd, module.php, module.php-pecl-xdebug3, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.8CVSS5.5AI score0.0078EPSS
Exploits1
OSV
OSV
added 2026/06/01 12:0 a.m.14 views

ALSA-2026:22142 Important: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

8.8CVSS5.9AI score0.0078EPSS
Exploits1References10
CloudLinux
CloudLinux
added 2026/05/26 9:20 a.m.12 views

php: Fix of CVE-2026-6735

CVE-2026-6735: fix XSS within FPM status endpoint...

8.8CVSS5.8AI score0.0021EPSS
Exploits1
OSV
OSV
added 2026/05/25 1:11 p.m.9 views

CLSA-2026-1779292803 Fix CVE(s): CVE-2026-6735

SECURITY UPDATE: XSS within status endpoint in PHP-FPM - debian/patches/CVE-2026-6735.patch: XSS within status endpoint in PHP-FPM - CVE-2026-6735...

8.8CVSS5.8AI score0.0021EPSS
Exploits1References1
OSV
OSV
added 2026/05/22 1:21 p.m.10 views

OESA-2026-2420 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

9.8CVSS6.1AI score0.00337EPSS
Exploits1References5
OSV
OSV
added 2026/05/18 5:1 p.m.8 views

CLSA-2026-1779123668 Fix CVE(s): CVE-2026-6735

SECURITY UPDATE: XSS via unsanitized request URI in PHP-FPM status page - debian/patches/CVE-2026-6735.patch: escape requesturi with HTML entities in fpmstatushandlerequest for HTML/XML output formats, and fix querystring escape flags in sapi/fpm/fpm/fpmstatus.c - CVE-2026-6735...

8.8CVSS5.8AI score0.0021EPSS
Exploits1References1
OSV
OSV
added 2026/05/18 7:58 a.m.4 views

SUSE-SU-2026:1958-1 Security update for php8

This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. -...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2026/05/16 12:0 a.m.16 views

SUSE SLES16 Security Update : php8 (SUSE-SU-2026:21612-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21612-1 advisory. This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when...

9.8CVSS6.5AI score0.0078EPSS
Exploits1References31
Debian
Debian
added 2026/05/15 10:59 p.m.18 views

[SECURITY] [DLA 4586-1] php7.4 security update

Debian LTS Advisory DLA-4586-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 16, 2026 https://wiki.debian.org/LTS Package : php7.4 Version : 7.4.33-1+deb11u11 CVE ID : CVE-2026-6722 CVE-2026-6735 CVE-2026-7258 CVE-2026-7261 CVE-2026-7262 CVE-2026-7568 Debian...

9.8CVSS6.4AI score0.0078EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/05/14 11:27 p.m.9 views

CVE-2026-6735 affecting package php for versions less than 8.3.31-1

CVE-2026-6735 affecting package php for versions less than 8.3.31-1. A patched version of the package is available...

8.8CVSS5.8AI score0.0021EPSS
Exploits1
OSV
OSV
added 2026/05/13 11:14 a.m.9 views

CLSA-2026-1778670864 php: Fix of CVE-2026-6735

CVE-2026-6735: HTML-encode proc.requesturi and tighten querystring entity flags in sapi/fpm/fpm/fpmstatus.c to fix XSS in PHP-FPM status endpoint...

8.8CVSS5.8AI score0.0021EPSS
Exploits1References1
OSV
OSV
added 2026/05/10 5:16 a.m.9 views

DEBIAN-CVE-2026-6735

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

6.1CVSS6.2AI score0.0021EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2026/05/10 3:27 a.m.8 views

CVE-2026-6735

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, 8.5. before 8.5.6, due to improper sanitation of user data, it allows an attacker to compose an URL, which will cause the target to execute arbitrary JavaScript code XSS on the target's machine when the target is viewing...

8.8CVSS6.2AI score0.0021EPSS
Exploits1
Rows per page
Query Builder